Infeasible
Status Update
No update yet.
Comments
dr...@gmail.com
Hello,
You can control the traffic based on the request/response headers of the Target proxies [1] [2]. However, there is already a feature request to allow this directly on the LB, but I can't provide you with an ETA or guarantee its implementation.
Another way of doing it, will be by creating an internal Load Balancer [3], and have a VPN tunnel from the office to your instances. This will guarantee a secure connection, and the load will be balanced among your instances but it might add extra cost.
Keep in mind that the internal Load Balancer is still in Alpha and is not recommended in production.
Should you have any other Feature requests that you would like them to be implemented for a certain use case, please do not hesitate to open a new thread. We will be more than happy to assist in any way we can.
Any updates about this feature will be posted here as well.
Sincerely,
George
[1]:https://cloud.google.com/compute/docs/load-balancing/http/#components
[2]:https://cloud.google.com/compute/docs/load-balancing/http/target-proxies
[3]:https://cloud.google.com/compute/docs/load-balancing/internal/
You can control the traffic based on the request/response headers of the Target proxies [1] [2]. However, there is already a feature request to allow this directly on the LB, but I can't provide you with an ETA or guarantee its implementation.
Another way of doing it, will be by creating an internal Load Balancer [3], and have a VPN tunnel from the office to your instances. This will guarantee a secure connection, and the load will be balanced among your instances but it might add extra cost.
Keep in mind that the internal Load Balancer is still in Alpha and is not recommended in production.
Should you have any other Feature requests that you would like them to be implemented for a certain use case, please do not hesitate to open a new thread. We will be more than happy to assist in any way we can.
Any updates about this feature will be posted here as well.
Sincerely,
George
[1]:
[2]:
[3]:
dr...@gmail.com
As I can see - internal load balancer don't work with VPN tunnel.
hb...@gmail.com
Another use case: I want to test and benchmark my site in its production configuration, including the load balancer. As it stands, I either have to write some code to drop requests based on X-Forwarded-For or just have it open to the public and hope nobody finds it. Firewall rules on the LB would make my life easier.
ph...@gmail.com
We would like to be able to apply firewalls to our load balancers to stop the outside world from being able to hit our dev/stg environments, and our CDN origins.
en...@google.com
[Deleted User] <[Deleted User]>
We would like to be able to apply firewall rules to the Load Balancer to apply a blacklist of IP addresses that have been detected as attempting to run injection attacks against our websites.
Seeing as the Firewall Rules that are currently in place apply after the IP address has been changed by the load balancer, there is nowhere to kill the "bad" IP addresses.
Seeing as the Firewall Rules that are currently in place apply after the IP address has been changed by the load balancer, there is nowhere to kill the "bad" IP addresses.
Description
That's with the Chrome browser.
However, they do work with the Firefox browser (uses WebM).